The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age

David Sanger’s “Perfect Weapon” (PW) is an excellent overview of 21st century weaponry and war. Author Sanger is the NYTimes national security correspondent and he teaches national security policy at Harvard’s Kennedy School of Government. At 308 pages, PW is the Perfect Book for this subject - extremely readable, even for non-technos like myself. It is interesting, revealing, often anecdotal and scary. It identifies all the key players, and the top five includes a couple most of us would leave out – the USA, Russia, and China of course, but also North Korea and Iran. While it offers hope for the next generation, it pulls no punches in identifying some worrying risks for the nearer term.

Sanger starts with three incidents that show more most of us are rather familiar with: the hacking of the DNC, the destruction of the Iranian nuclear labs, and the Snowden affair. However, Sanger includes background and impacts for each, enhancing our understanding of what happened and the longer term impacts of these events. For example, the Iranian centrifuge destruction was a joint US-Israeli operation (suspected for years after, but not proven) which hinged on the development of malware twenty times more powerful than anything used prior. Mock-ups of the Iranian labs were constructed in Tennessee and Israel. The code caused centrifuges used to develop nuclear product to run at non-controllable speeds, eventually blowing up, destroying facilities and killing lab technicians. While It has still not been made clear how the code found its way to Iran’s systems, there is nevertheless a realization that the attackers fumbled a bit and consequently the code leaked out to the rest of the world causing considerable collateral damage. In a similar vein, a very interesting rendition of North Korean failures of missile launches in 2016, followed by the next year’s complete turn-around of their launching and test capabilities illustrates how effective cyber weapons might be and how quickly how some defenses may respond. It’s a very new world….

And to that point, Sanger makes the distinction between cyber and nuclear warfare throughout PW. For example, each of the big five have the capability of causing significant damage to the vital infrastructure of the others. And the scariest element of such an attack is that would come not only instantaneously but also anonymously. Undetectable. Of course, months and months later, perhaps years, there would likely be “proof” of the attacker’s identity, but initially there would be only speculation. So, how to respond? Oh, and other countries malware already resides in many of US utilities’ systems, and vice versa. Huge issues, scary issues. And if you have ever watched any government hearings and listened to some of our senior leadership struggle with respondent’s techno jive (as I would in their place), you become a bit uneasy over who and how are some of our long term and very, very, very short term decisions being made.

And who is responsible for building hack-proof systems to defend our electric grid? To defend Sony Pictures? Government? Industry? And who responds if Tech company ABC headquartered in California but a global company, is attacked? What if their operations in China are attacked? Who responds and how? Tough questions, no easy answers.

It’s all in the book. I highly recommend that you read it. show less

David Sanger’s “The Perfect Weapon” is largely a compilation of reporting he and The New York Times produced over the past few years about American preparedness for cyberwarfare.

Sanger complains the America isn’t prepared, has no policy or dividing line between cyberespionage and offensive attacks, has greater vulnerability than other nations because of its advanced economy, and is regularly giving up secrets because of the porousness of its government’s own networks.

Really there’s little new here.

In spite of the lessons learned from the 9/11 attacks, it sounds as though the American intelligence community is once again at war with American offensive capability: the spooks fear sharing their knowledge of their foes with the show more defence establishment who want to intrude and cripple the enemy.

And the enemy is getting smarter. In addition to stealing American secrets, Chinese investment is buying into Silicon Valley startups and getting full warning about what is on the horizon.

What anyone will find alarming about this analysis is that few in Washington know when or if to use conventional weapons in this new environment.

The current confusion over Russian meddling in the 2016 election being a case in point. Donald Trump aside, America is unsure what the most useful response to Putin should be, what will be a sufficient disincentive to future meddling both in American infrastructure and those of its allies. (NOTE: As I write this Chinese countervailing duties target Republican strongholds in the MidWest. Why Russian trolls count as “political meddling” in internal US affairs and the Chinese blowback doesn’t escapes me.)

This is what Trump ought to be hashing out at NATO meetings.

If the Stuxnet attacks on Iranian centrifuges showed American and Israeli cyberforces on the forefront, much of that lead may have disappeared as Russia, China, Iran, and North Korea throw greater and greater resources at the problem.

Korea has even resorted to cybercrime to finance their programs.

But these vulnerabilities raise an even more fundamental issue: think back to the invention of the Internet by contractors working for DARPA. The original purpose of the Internet was to distribute control of American defence command to withstand a debilitating nuclear attack.

It is the very structure of the Internet which is opening American vulnerabilities, giving safe haven to America’s foes, and is proving a fertile testing ground for new and diabolical weapons of mass destruction.

Here again technology is coming back on itself. America’s (and our) foes are throwing its weapons back at itself very, very quickly. When it took years for the Soviets to replicate the American Atomic bombs and delivery mechanism, and its hydrogen bombs, the timeline for stealing NSA weapons and throwing back against the allies has dramatically shrunken.

This has the potential to dramatically increase tensions and destabilize all of our societies.

Overlay these tensions with advances in AI, genetic engineering, climate change, and new techniques to 3D print and distribute weapons, and you get one heck of a toxic environment.

That really sucks. show less

In The Perfect Weapon, author David E Sanger does an excellent job of terrifying me. With America’s Allies and Enemies having Cyber weapons and attack capabilities, you would think that the leadership of America would have some kind of plan or something. Apparently, they do not have anything of the kind. Our weapons of mass destruction are aging at a steady rate, the launch computers are apparently using Floppy Disc Drives, and the people in charge of reacting to the threats are sitting on their laurels. It is really quite ridiculous to think that some old person who knows nothing of computers and what they are capable of is in charge of making laws and things, but that is the case in America. Then you have to combine that with the show more fact that our own laws and bureaucratic tendencies make us slow to react and you have a giant recipe for disaster.

Now I suppose it is not all bad, there is this book that was allowed to print I suppose. However, keeping our own capabilities a secret is like shooting ourselves in the foot. Not to mention that the people with legit access to our secrets are idiots. Do you know how the Russians accessed some really important line in the Chain of Command that stems directly from the President? Some idiot found a USB drive lying on the ground somewhere and plugged it into a computer station with access. That is ridiculous.

The book is named the way it is because, when used properly, Cyber weapons are difficult to trace and pin on any single aggressor. They are silent, and in many cases cause annoyance rather than straight up death.

The author gives some advice, but a lot of it will fall on deaf ears. Thus, this book sickens me. It wasn’t really enjoyable, but it was quite informative. show less

In The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age, New York Times national security correspondent David Sanger talks about nations’ pervasive and growing uses of spyware and malware to achieve their ends. According to Paul Pillar’s review in the Times, Sanger’s book is “an encyclopedic account of policy-relevant happenings in the cyberworld (that) stays firmly grounded in real events.”
It’s not a question of keeping the stuff out of our electric grid, the controls of our nuclear plants, our military establishment, our government. It’s already here. And a piece of spyware in our systems—watching, waiting—can turn instantly destructive on command.
While U.S. companies, utilities, and some government agencies show more would like to reveal how much they know about these intrusions—“hey, we’re looking at you, too, so watch it!”—the clandestine services argue against it, because they don’t want others to know that we know and what our detection capabilities are, much less guess our offensive capacity. If you were suspicious of that improbable string of fizzling North Korean missiles last year and thought “could it really . . ?” you were right.
Sanger’s riveting journalism includes the woes Russia has inflicted on Ukraine, especially its power grid, a seeming test-bed for attacks on the West; it reviews the Stuxnet virus developed by the U.S. and Israel, which exceeded its mission of damaging Iran’s nuclear centrifuges to emerge in the wild; he covers the fallout from Edward Snowden’s revelations; and he describes more recent threats. Across at least three Administrations in Washington, the responses to the size and potential scope of this threat have been paltry. “The clock cannot be turned back,” he says, and it’s up to all of us to hear the ticking. show less

Solid layperson's overview of the growing use of cyberweapons by governments around the world. Sooo many more questions than answers at this point, and it's hard to see how we develop global agreements for managing invisible, deniable attacks. Thought provoking book by a good NYTimes writer.

This is a wake-up call to America. This should be a must read for every American, government official and corporation. Because it proves, in excruciating detail, how vulnerable our systems are to cyber attack. But more importantly, how ill-prepared we are to stop it.

Excellent overview of the current state of cyberwarfare (and wow, this stuff is real and ongoing). I'd heard discussions of all of the hacking mentioned in this book, but never with the political issues, only the technological issues. This added a new dimension for me.

And it is pretty terrifying.